lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20091228120125.GA10911@elte.hu>
Date:	Mon, 28 Dec 2009 13:01:25 +0100
From:	Ingo Molnar <mingo@...e.hu>
To:	Len Brown <lenb@...nel.org>
Cc:	Linus Torvalds <torvalds@...ux-foundation.org>,
	Dmitry Torokhov <dmitry.torokhov@...il.com>,
	Matthew Garrett <mjg@...hat.com>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: -tip: origin tree boot crash


* Ingo Molnar <mingo@...e.hu> wrote:

> * Len Brown <lenb@...nel.org> wrote:
> 
> > On Sat, 26 Dec 2009, Len Brown wrote:
> > 
> > > > [   28.643216] evbug.c: Connected device: input1 (Dell WMI hotkeys at wmi/input0)
> > > > [   28.650449] BUG: unable to handle kernel NULL pointer dereference at 00000014
> > > > [   28.654439] IP: [<c17f7f21>] wmi_install_notify_handler+0x31/0x70
> > > 
> > > Rather than reverting the broken patch that caused wmi to load,
> > > does applying this patch to deal with the broken error handling
> > > cause the oops to go away?
> > 
> > > Subject: [PATCH] Revert "wmi: Free the allocated acpi objects through wmi_get_event_data"
> > > 
> > > This reverts commit 3e9b988e4edf065d39c1343937f717319b1c1065.
> > 
> > These kfree's look correct, assuming we properly check
> > the return status.  So perhaps instead you can test
> > the patch below?
> 
> Applied it to tip:out-of-tree for testing, and have dropped the revert as 
> well. Will let you know how it goes. (if you dont hear from me later today 
> you an assume it's all fixed.)

Still a very similar looking crash (attached). I went for the plain revert in 
tip:out-of-tree again.

(Note that the system does not have this hardware, and that it's booted with 
the driver built-in. So the relevant codepath should be very simple. Config 
attached.)

	Ingo

[   27.447053] initcall compal_init+0x0/0xf7 returned -19 after 3 usecs
[   27.453409] calling  dell_wmi_init+0x0/0x129 @ 1
[   27.458255] PM: Adding info for No Bus:input3
[   27.462676] input: Dell WMI hotkeys as /class/input/input3
[   27.468179] BUG: unable to handle kernel NULL pointer dereference at 00000014
[   27.472165] IP: [<c1f26aa8>] wmi_install_notify_handler+0x28/0x80
[   27.472165] *pde = 00000000 
[   27.472165] Oops: 0000 [#1] PREEMPT SMP 
[   27.472165] last sysfs file: 
[   27.472165] 
[   27.472165] Pid: 1, comm: swapper Not tainted 2.6.33-rc2-tip-00212-g3c2365e-dirty #3297 A8N-E/System Product Name
[   27.472165] EIP: 0060:[<c1f26aa8>] EFLAGS: 00010282 CPU: 0
[   27.472165] EIP is at wmi_install_notify_handler+0x28/0x80
[   27.472165] EAX: fffffff4 EBX: c1f1e200 ECX: 22b612b0 EDX: c2b2d1e0
[   27.472165] ESI: 00000000 EDI: 00000001 EBP: f64b3f84 ESP: f64b3f78
[   27.472165]  DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068
[   27.472165] Process swapper (pid: 1, ti=f64b3000 task=f64d0000 task.ti=f64b3000)
[   27.472165] Stack:
[   27.472165]  fffffff4 00000000 00000006 f64b3f98 c28d70d7 64a0689d 00000006 64a0689d
[   27.472165] <0> f64b3fc4 c100112b c255aa54 c28d6fb6 00000001 00000003 00000000 c28d6fb6
[   27.472165] <0> c294a50c c2882310 00000000 f64b3fd0 c28822fd c29493e8 f64b3fe4 c2882392
[   27.472165] Call Trace:
[   27.472165]  [<c28d70d7>] ? dell_wmi_init+0x121/0x129
[   27.472165]  [<c100112b>] ? do_one_initcall+0x2b/0x1c0
[   27.472165]  [<c28d6fb6>] ? dell_wmi_init+0x0/0x129
[   27.472165]  [<c28d6fb6>] ? dell_wmi_init+0x0/0x129
[   27.472165]  [<c2882310>] ? kernel_init+0x0/0xc9
[   27.472165]  [<c28822fd>] ? do_basic_setup+0x44/0x57
[   27.472165]  [<c2882392>] ? kernel_init+0x82/0xc9
[   27.472165]  [<c1039816>] ? kernel_thread_helper+0x6/0x10
[   27.472165] Code: 00 00 00 55 89 e5 56 53 83 ec 04 0f 1f 44 00 00 89 d3 89 ce 85 c0 74 2b 85 d2 74 27 8d 55 f4 e8 2f fd ff ff 8b 45 f4 85 c0 74 48 <8b> 50 20 85 d2 74 21 b8 15 00 00 00 59 5b 5e 5d c3 8d b4 26 00 
[   27.472165] EIP: [<c1f26aa8>] wmi_install_notify_handler+0x28/0x80 SS:ESP 0068:f64b3f78
[   27.472165] CR2: 0000000000000014
[   27.638896] ---[ end trace 7a45c2b3ab0f183e ]---
[   27.643524] Kernel panic - not syncing: Fatal exception
[   27.648758] Pid: 1, comm: swapper Tainted: G      D    2.6.33-rc2-tip-00212-g3c2365e-dirty #3297
[   27.657546] Call Trace:
[   27.659997]  [<c2170a4a>] ? printk+0x1d/0x1f
[   27.664281]  [<c217097f>] panic+0x52/0x100
[   27.668390]  [<c103ce33>] oops_end+0xb3/0xc0
[   27.672673]  [<c1064d74>] no_context+0xb4/0xd0
[   27.677124]  [<c1064e27>] __bad_area_nosemaphore+0x97/0x140
[   27.682706]  [<c1082437>] ? vprintk+0x297/0x420
[   27.687248]  [<c1064ee7>] bad_area_nosemaphore+0x17/0x20
[   27.692570]  [<c10652c6>] do_page_fault+0x296/0x350
[   27.697460]  [<c1f1e200>] ? dell_wmi_notify+0x0/0x1c0
[   27.702518]  [<c1065030>] ? do_page_fault+0x0/0x350
[   27.707408]  [<c2173a16>] error_code+0x66/0x70
[   27.711863]  [<c1f1e200>] ? dell_wmi_notify+0x0/0x1c0
[   27.716924]  [<c1065030>] ? do_page_fault+0x0/0x350
[   27.721810]  [<c1f26aa8>] ? wmi_install_notify_handler+0x28/0x80
[   27.727827]  [<c28d70d7>] dell_wmi_init+0x121/0x129
[   27.732713]  [<c100112b>] do_one_initcall+0x2b/0x1c0
[   27.737688]  [<c28d6fb6>] ? dell_wmi_init+0x0/0x129
[   27.742576]  [<c28d6fb6>] ? dell_wmi_init+0x0/0x129
[   27.747465]  [<c2882310>] ? kernel_init+0x0/0xc9
[   27.752094]  [<c28822fd>] do_basic_setup+0x44/0x57
[   27.756896]  [<c2882392>] kernel_init+0x82/0xc9
[   27.761436]  [<c1039816>] kernel_thread_helper+0x6/0x10

View attachment "config" of type "text/plain" (75352 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ